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DETAILED ACTION 

Response to Arguments 

1 . Applicant's representative [liereinafter applicant] arguments that Aura does not 
encrypt the random number, it is noted that only claims 3 and the newly amended claim 
16 recites this limitation. Please note, that the encrypted ID also contains the random 
number which can read on the limitation. In addition, Owada also discloses encrypting 
the random number (see par. 0043-0046). 

2. Applicant assert "As noted earlier a random number is not used to encode the 
ID", however, previously the point presented by the applicant was that the number was 
not encrypted, not that the random number is not used. In fact, in the prior sentence 
applicant recite "Aura discloses a process in which an ID is encoded at a sending 
device using a public key" and in the prior page applicant recited "Aura discloses an 
identity protection technique in which a mobile station inputs a public kev (Kd key) 
and an identifier (IMSI) to an algorithm to generate an encrvpted identity . See 
Aura, col. 5, lines 9-12. The public kev is generated bv inputting a random number 
and private key (Kh key) into a hash function. Id., col. 4, lines 45-49." Thereby, since the 
public key used to encrypt the data is generated by using a random number, a random 
number is used to encode the data. 

3. Also applicant asserts that "One of ordinary skill would understand that the 
technique used by Aura reduces and/or prevents the compromise of the cipher key by 
not communicating the cipher key Kd over a transmission medium. For at least this 
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reason, one of ordinary sl<ill would not have modified tlie teacliings of Aura witli tliose of 
Owada because the latter potentially compromises knowledge of the cipher l<ey 
(random number) by transmitting the same over a communication medium.", it is noted 
that combining the references of Aura and Owada would enhance the security rather 
than compromise the cipher key, because the second asymmetrical key would be the 
one used to decrypt the information. 

4. As discussed in the prior paragraph adding Owada to Aura would not change the 
principle of operation that is encrypting the data to protect the data, but to enhance the 
encryption to further inhibit unauthorized use of the data. The rejection in record 
remains. 

Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed 
or described as set forth in section 102 of this title, if the differences between the 
subject matter sought to be patented and the prior art are such that the subject 
matter as a whole would have been obvious at the time the invention was made 
to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was 
made. 

6. The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1 , 148 
USPQ 459 (1966), that are applied for establishing a background for determining 
obviousness under 35 U.S.C. 103(a) are summarized as follows: 

1 . Determining the scope and contents of the prior art. 
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2. Ascertaining tlie differences between the prior art and tlie claims at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 

4. Considering objective evidence present in the application indicating 
obviousness or nonobviousness. 

7. Claims 1 -1 1 and 1 3-1 6 are rejected under 35 U.S.C. 1 03(a) as being 
unpatentable over Aura 6373949 in view of Owada 20020034306. 

As to claim 1 , Aura discloses a process to identify a user of the terminal resource 
by a server resource in a telecommunication network, using a first identifier, where an 
encryption algorithm with a key is implemented in the terminal resource (see col. 3, line 
54 - col. 4, line 5), comprising the following steps: generating a random number in the 
user terminal resource (see fig. 5, step 501); determining in the terminal resource of a 
second identifier as a function of the random number, at least from part of the first 
identifier and from the result of executing the encryption algorithm to which at least the 
random number is applied (see fig. 5, items 502-503) transmitting the second identifier 
to the server resource, and in the server resource, retrieval of retrieving the first 
identifier at least by executing the encryption algorithm to which a key and, at least 
partially, the second transmitted identifier are applied, so that the server resource 
verifies that the first retrieved identifier is written into a memory of the server resource 
(see fig. 5, items 505-506; col. 4, line 36 - col. 5, line 50). Aura does not specifically 
disclose using both symmetrical and asymmetrical algorithm. However, note that two 
keys are being used one for encrypting and the other for decrypting. In an analogous 
art, Owada discloses using an asymmetrical algorithm with a public key and a 
symmetric algorithm with the use of random number (see par.0037, 0043-0046), 



Application/Control Number: 10/529,213 Page 5 

Art Unit: 2617 

thereby using a public and private l^eys. Tlierefore, it would have been obvious to one of 
the ordinary skill in the art at the time of the invention to use the combination of 
algorithms to prevent the unauthorized eavesdropping or use of the information (see 
par. 0054). 

As to claim 2, Aura discloses a process in which the at least one authentication 
further including the step of authenticating the terminal resource by the server resource 
(see fig. 5, items 505-506). 

As to claim 3, Aura discloses a process to identify a user of the terminal resource 
by a server resource in a telecommunication network, using a first identifier, where an 
encryption algorithm with a key is implemented in the terminal resource (see col. 3, line 
54 - col. 4, line 5), comprising the following steps: generating a random number in the 
user terminal resource (see fig. 5, step 501 ); determining in the terminal resource of a 
second identifier as a function of the random number, at least from part of the first 
identifier and from the result of executing the encryption algorithm to which at least the 
random number is applied (see fig. 5, items 502-503) a process in which the 
determination in the terminal resource includes application of the generated random 
number to the encryption algorithm with the public key to produce an encrypted random 
number, application of the generated random number and of the first identifier to 
encryption algorithm implemented in the terminal resource, to produce an encrypted 
identifier, and concatenation of the encrypted random number and of the encrypted 
identifier in the second identifier; transmitting the second identifier to the server 
resource, and in the server resource, retrieval of retrieving the first identifier, and 
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wherein the retrieval in the server resource includes application of the encrypted 
random number to the encryption algorithm with the key, in order to retrieve the 
generated random number, and application of the retrieved random number, and of the 
encrypted identifier to the encryption algorithm, in order to retrieve the first identifier , so 
that the server resource verifies that the first retrieved identifier is written into a memory 
of the server resource (see fig. 5, items 501-506; col. 4, line 36 - col. 5, line 50). Aura 
does not specifically disclose using both symmetrical and asymmetrical algorithm. 
However, note that two keys are being used one for encrypting and the other for 
decrypting. In an analogous art, Owada discloses using an asymmetrical algorithm with 
a public key and a symmetric algorithm with the use of random number (see par.0037, 
0043-0046), thereby using a public and private keys. Therefore, it would have been 
obvious to one of the ordinary skill in the art at the time of the invention to use the 
combination of algorithms to prevent the unauthorized eavesdropping or use of the 
information (see par. 0054). 

As to claim 4, Aura discloses a process to identify a user of the terminal resource 
by a server resource in a telecommunication network, using a first identifier, where an 
encryption algorithm with a key is implemented in the terminal resource (see col. 3, line 
54 - col. 4, line 5), comprising the following steps: generating a random number in the 
user terminal resource (see fig. 5, step 501); determining in the terminal resource of a 
second identifier as a function of the random number, at least from part of the first 
identifier and from the result of executing the encryption algorithm to which at least the 
random number is applied (see fig. 5, items 502-503); wherein the determination in the 
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terminal resource includes application of the generated random number concatenated 
to the first identifier, to the asymmetrical algorithm with the public key to produce the 
second identifier, transmitting the second identifier to the server resource, and in the 
server resource, retrieval of retrieving the first identifier wherein the retrieval in the 
server resource includes application of the second identifier to the cyber algorithm with 
the key in order to retrieve the first identifier, so that the server resource verifies that the 
first retrieved identifier is written into a memory of the server resource (see fig. 5, items 
501-506; col. 4, line 36 - col. 5, line 50). Aura does not specifically disclose using both 
symmetrical and asymmetrical algorithm. However, note that two keys are being used 
one for encrypting and the other for decrypting. In an analogous art, Owada discloses 
using an asymmetrical algorithm with a public key and a symmetric algorithm with the 
use of random number (see par.0037, 0043-0046), thereby using a public and private 
keys. Therefore, it would have been obvious to one of the ordinary skill in the art at the 
time of the invention to use the combination of algorithms to prevent the unauthorized 
eavesdropping or use of the information (see par. 0054). 

As to claim 5, Aura discloses everything as explained above except for the 
process further including the steps of changing the public key and the private key for the 
asymmetrical algorithm in the server resource, and downloading of the changed public 
key from the server resource to the terminal resource. Owada discloses process further 
including the steps of changing the public key and the private key for the asymmetrical 
algorithm in the server resource, and downloading of the changed public key from the 
server resource to the terminal resource (see par.0037, 0043-0046), thereby using a 
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public and private keys. Therefore, it would have been obvious to one of the ordinary 
skill in the art at the time of the invention to use the combination of algorithms to prevent 
the unauthorized eavesdropping or use of the information (see par. 0054). 

As to claim 6, Aura discloses a process wherein the generation of the random 
number is periodic (recurring, repeated) in the terminal resource (see col. 5, lines 46- 
50). 

As to claim 7, Aura discloses a process wherein the generation of the random 
number occurs following activation of a service application (transfer of subscriber 
identity, col. 4, lines 25-51). 

As to claim 8, Aura discloses a user terminal resource identifying itself, or 
identifying a user of the latter, to a server resource, through a telecommunication 
network using a first identifier, an encryption algorithm with a key implemented in the 
terminal resource, comprising: a resource to generate a random number (see fig. 5, 
item 501 ), and a resource, to determine a second identifier as a function of the random 
number, at least from part of the first identifier and from the result of executing the 
encryption algorithm to which at least the random number is applied in order to transmit 
the second identifier to the server resource (see fig. 5, items 502-503), which retrieves 
the first identifier at least by executing the encryption algorithm to which a key and, at 
least partially, the second identifier are applied, and which verifies that the first 
retrieved identifier is written into a memory of the server resource (see fig. 5, items 505- 
506; col. 4, line 36 - col. 5, line 50). Aura does not specifically disclose using both 
symmetrical and asymmetrical algorithm. However, note that two keys are being used 
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one for encrypting and tlie otiier for decrypting. In an analogous art, Owada discloses 
using an asymmetrical algorithm with a public key and a symmetric algorithm with the 
use of random number (see par.0037, 0043-0046), thereby using a public and private 
keys. Therefore, it would have been obvious to one of the ordinary skill in the art at the 
time of the invention to use the combination of algorithms to prevent the unauthorized 
eavesdropping or use of the information (see par. 0054). 

As to claim 9, Aura discloses a user terminal resource which wherein the 
resource to generate a random number and the resource to determine a second 
identifier are included in a portable electronic object of the chip card type (see col. 4, 
lines 48-51). 

As to claim 10, Aura discloses method for identifying at least one of a terminal 
and a user of the terminal to a server in a telecommunications network, comprising the 
following steps: generating a random number in the terminal (see fig. 5, item 501 ); 
applying said random number and a first identifier associated with said terminal to at 
least one cyber algorithm in said terminal, using a key, to generate a second identifier 
that is based upon a combination of said random number and said first identifier (see 
fig. 5, item 502-503); transmitting said second identifier to said server; applying said 
second identifier to said cyber algorithm in said server, using a key, to derive said first 
identifier; and authenticating said terminal or said user in the server, using the derived 
first identifier (see fig. 5, items 505-506; col. 4, line 36 - col. 5, line 50). Aura does not 
specifically disclose using both symmetrical and asymmetrical algorithm. However, note 
that two keys are being used one for encrypting and the other for decrypting. In an 
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analogous art, Owada discloses using an asymmetrical algorithm with a public key and 
a symmetric algorithm with the use of random number (see par.0037, 0043-0046), 
thereby using a public and private keys. Therefore, it would have been obvious to one of 
the ordinary skill in the art at the time of the invention to use the combination of 
algorithms to prevent the unauthorized eavesdropping or use of the information (see 
par. 0054). 

As to claims 1 1 , Aura discloses the method wherein said random number is 
applied to said cyber algorithm in said terminal, together with said key, to generate a 
first result (see fig. 5, item 502), and said first identifier is applied to a second, 
symmetric (related) algorithm in said terminal, together with a key, to generate a second 
result, and wherein said second identifier comprises a combination of said first and 
second results (see fig. 5, item 503). Aura does not specifically disclose using both 
symmetrical and asymmetrical algorithm. However, note that two keys are being used 
one for encrypting and the other for decrypting. In an analogous art, Owada discloses 
using an asymmetrical algorithm with a public key and a symmetric algorithm with the 
use of random number (see par.0037, 0043-0046), thereby using a public and private 
keys. Therefore, it would have been obvious to one of the ordinary skill in the art at the 
time of the invention to use the combination of algorithms to prevent the unauthorized 
eavesdropping or use of the information (see par. 0054). 

As to claim 13, Aura discloses the method wherein said second identifier 
comprises a concatenation of said first and second results (see fig. 5, items 502-503). 
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As to claim 14, Aura discloses the method wherein said random number is 
combined with said first identifier, and the combination of said random number and said 
first identifier is applied as an input to said cyber algorithm in said terminal, together with 
said key, to generate said second identifier (see fig. 5, items 502-503). Aura does not 
specifically disclose using asymmetrical algorithm. However, note that two keys are 
being used one for encrypting and the other for decrypting. In an analogous art, Owada 
discloses using an asymmetrical algorithm with a public key and a symmetric algorithm 
with the use of random number (see par.0037, 0043-0046), thereby using a public and 
private keys. Therefore, it would have been obvious to one of the ordinary skill in the art 
at the time of the invention to use the combination of algorithms to prevent the 
unauthorized eavesdropping or use of the information (see par. 0054). 

As to claim 15, Aura discloses the method wherein said combination comprises a 
concatenation of said random number and said first identifier (see fig. 5, items 502-503). 

As to claim 16, Aura discloses the process in the server resource, further 
comprising: applying the random number to an algorithm to produce an encrypted ID 
including the random number, thereby also encrypting the random number, wherein 
executing the algorithm at the server decodes the encrypted ID with the random number 
(see fig. 5, step 501-506, see col. 4, lines 41-51; col. 5, lines 33-37). Aura does not 
specifically disclose using asymmetrical algorithm. However, note that two keys are 
being used one for encrypting and the other for decrypting. In an analogous art, Owada 
discloses using an asymmetrical algorithm with a public key and a symmetric algorithm 
with the use of encrypting and decrypting the random number (see par.0037, 0043- 
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0046), thereby using a public and private keys. Therefore, it would have been obvious 
to one of the ordinary skill in the art at the time of the invention to use the combination 
of algorithms to prevent the unauthorized eavesdropping or use of the information (see 
par. 0054). 

Conclusion 

8. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action Is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action Is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any Inquiry concerning this communication or earlier communications from the 
examiner should be directed to MARCOS L. TORRES whose telephone number Is 
(571 )272-7926. The examiner can normally be reached on 9:30 am - 6:00 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, George Eng can be reached on 571-252-7495. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/George Eng/ 

Supervisory Patent Examiner, Art Unit 2617 



/Marcos L Torres/ 
Examiner, Art Unit 2617 



